The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
#1
|
|||
|
|||
Potential Forum Runner XSS Exploit (vBulletin 4.1.12, vBulletin 4.2+)
During testing of vBulletin 4.2.2 a potential xss exploit was found by our QA team in the Forum Runner application.
As a result we have fixed this issue in vB4.2.2 & are releasing PL updates for 4.2.1, 4.2.0 & 4.1.12. vBulletin 4.2.1 PL1 vBulletin 4.2.0 PL4 vBulletin 4.1.12 PL 4 Note that this only affects the included Forum Runner application, not the main vB4 Forum or Suite. If you are not using the Forum Runner application on your forum, you will not be affected by this issue. To patch your forum you can do one of three things. 1. Download the relevant patch for you version, unzip it, and upload the patch files to your server. 2. Download the latest full version of vB4.2.x, unzip and upload the files, and upgrade your forum to the latest version (delete the install folder afterwards). 3. Download the full set of files for your current version unzip and upload the files to replace all the files on your server (delete the install folder afterwards).. |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|